Chatgpt On Wechat Cowagent

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-5998 MEDIUM POC PATCH This Month

Path traversal in zhayujie chatgpt-on-wechat CowAgent up to version 2.0.4 allows unauthenticated remote attackers to read arbitrary files via the filename parameter in the API Memory Content Endpoint (agent/memory/service.py). The vulnerability has a publicly available exploit, carries a moderate CVSS score of 5.3 reflecting limited confidentiality impact, and has been patched by the vendor in version 2.0.5 with patch commit 174ee0cafc9e8e9d97a23c305418251485b8aa89.

Python Path Traversal Information Disclosure Chatgpt On Wechat Cowagent
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-5998
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

Path traversal in zhayujie chatgpt-on-wechat CowAgent up to version 2.0.4 allows unauthenticated remote attackers to read arbitrary files via the filename parameter in the API Memory Content Endpoint (agent/memory/service.py). The vulnerability has a publicly available exploit, carries a moderate CVSS score of 5.3 reflecting limited confidentiality impact, and has been patched by the vendor in version 2.0.5 with patch commit 174ee0cafc9e8e9d97a23c305418251485b8aa89.

Python Path Traversal Information Disclosure +1
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy